Security related changes for Exchange 2007 and Exchange 2010 ship as Update rollups following the cumulative servicing model. However we have tried to keep the number of non-security related changes in these rollups down to a minimum.

We found that the windows update version of update rollup 4 was offered to our CCR clusters – traditionally this is not the case – update rollups need installing seperate from windows update to CCR nodes.

Is this a policy change with this update or is there something not right with our setup? I guess there is a first time for everything!

There is a bug in the RU for Exchange 2007 (since SP2 RU1). After the installation customers with german language will not be able to open the toolbox because of a translation of some regkeys that should not be translated.

For systems that have Microsoft Exchange installed, both the Exchange and Windows update should be applied. If you have the SMTP service enabled but do not run the Exchange service, only the Windows update need be applied.

If you are running Exchange 2003 or Exchange 2000, you need both the Exchange and Windows patches since they are both rated as important.

If you are running SMTP service on a Windows only system, you need the Windows update since it is rated as important as well.

If you are running Exchange 2007 or Exchange 2010, then applying the update is recommended even though it is not rated since it includes a defense-in-depth change. If you are applying the update rollup, you should apply it to all roles.

For folks with Cluster installs using Exchange 2007 SP2 or Exchange 2010, the rollup will be offered as a silent install via Microsoft Update and WSUS. Having your machine configured for Auto Update may have an impact as the Rollup will be installed on the node that is offered regardless of state of that node. Services will be restarted for that node and if Active – failover will happen.

Not only did this update wipe out SMTP relay for me, it appears to be causing timeouts. Hotmail.com, works fine, gmail.com (as well as postini), chase.com, and other mail servers drop the connection after it gets to code 354, dropping with with a 451 or 421 code.

I would like to confirm the problems reported by Richard Vetter above.

I use Exchange2003 SP2 and after this install I started to get problems with sending emails. A lot of my users get

Subject: Delivery Status Notification (Failure)

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

There is definitely a problem with this. For instance for me hotmail.com does not work fine and I get this and no other changes happened on my system aside from this update. And I used to be able to email hotmail just fine a day before the update.

Arturo & Richard – We can confirm that there is an issue with the Windows 2008 and Windows 2008 R2 package where the existing configuration including pre-existing relay settings may be lost. To the best of our knowledge this does not affect any version of Exchange server. At this time, we are working to list the problem in the Known Issues section of the security bulletin and we are planning to release an update.

For anyone whose issues are not already discussed (including Remus), would you be willing to open a support ticket with Microsoft? Please feel free to reach out to me via email for proper follow up. First.Last@_

We have installed Rollup 4 for exchange 2007 SP2 last week and we are facing lots of issue after installing the same like our Blackberry BIS users is not able to send and receive their email, our mail server being included on a spam house antispam list, this update resetted the SMTP setting and I got the below error also when our pop3 users trying to send any mail to external domain from outside our network.